Talk:VoIP Phones - Asterisk: Difference between revisions
SimonArlott (talk | contribs) No edit summary |
SimonArlott (talk | contribs) No edit summary |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 7: | Line 7: | ||
context=aaisp-incoming-context |
context=aaisp-incoming-context |
||
secret=aaisp-incoming-password |
secret=aaisp-incoming-password |
||
transport=udp |
|||
disallow=all |
|||
allow=alaw |
|||
trustrpid=yes |
trustrpid=yes |
||
</pre> |
</pre> |
||
| Line 12: | Line 15: | ||
== Authentication == |
== Authentication == |
||
*Voiceless must authenticated so that calls are recognised as the above peer section. |
*Voiceless must authenticated so that calls are recognised as the above peer section. |
||
| ⚫ | |||
*There are two options: either detect Voiceless and ask it to authenticate, or request that every rejected INVITE from all sources authenticates. |
|||
| ⚫ | |||
=== Authenticate Everyone === |
|||
*This is the more secure option as it stops your usernames from being enumerated by brute force. |
|||
<pre> |
<pre> |
||
[general] |
[general] |
||
alwaysauthreject=yes |
|||
match_auth_username=yes |
match_auth_username=yes |
||
</pre> |
</pre> |
||
=== Authenticate Voiceless === |
|||
*This is the more complex option as you need to list every Voiceless name. |
|||
<pre> |
|||
[general] |
|||
alwaysauthreject=no |
|||
match_auth_username=yes |
|||
[aaisp-voiceless] |
|||
type=peer |
|||
md5secret=intentionally_invalid_md5_string |
|||
[aaisp-voiceless-a4](aaisp-voiceless) |
|||
host=a4.voiceless.aa.net.uk |
|||
defaultip=81.187.30.111 |
|||
[aaisp-voiceless-b4](aaisp-voiceless) |
|||
host=b4.voiceless.aa.net.uk |
|||
defaultip=81.187.30.113 |
|||
[aaisp-voiceless-c4](aaisp-voiceless) |
|||
host=c4.voiceless.aa.net.uk |
|||
defaultip=81.187.30.112 |
|||
[aaisp-voiceless-d4](aaisp-voiceless) |
|||
host=d4.voiceless.aa.net.uk |
|||
defaultip=81.187.30.114 |
|||
</pre> |
|||
= Outgoing Calls = |
= Outgoing Calls = |
||
| Line 63: | Line 33: | ||
username=aaisp-phone-number |
username=aaisp-phone-number |
||
remotesecret=aaisp-outgoing-password |
remotesecret=aaisp-outgoing-password |
||
transport=udp |
|||
disallow=all |
|||
allow=alaw |
|||
</pre> |
</pre> |
||
| Line 69: | Line 42: | ||
[aaisp-incoming-username] |
[aaisp-incoming-username] |
||
type=friend |
type=friend |
||
transport=udp |
|||
disallow=all |
|||
allow=alaw |
|||
; incoming |
; incoming |
||
context=aaisp-incoming-context |
context=aaisp-incoming-context |
||
Latest revision as of 20:04, 7 April 2015
Incoming Calls
Peer Section
- Accept authenticated calls and route them to a context.
[aaisp-incoming-username] type=peer context=aaisp-incoming-context secret=aaisp-incoming-password transport=udp disallow=all allow=alaw trustrpid=yes
Authentication
- Voiceless must authenticated so that calls are recognised as the above peer section.
- You need to use the match_auth_username=yes setting otherwise Asterisk will not recognise Voiceless' initial requests.
[general] match_auth_username=yes
Outgoing Calls
- Either use a separate type=user section or combine incoming and outgoing in one type=friend section
Separate Section
[aaisp-outgoing-account] type=user host=voiceless.aa.net.uk defaultip=81.187.30.111 username=aaisp-phone-number remotesecret=aaisp-outgoing-password transport=udp disallow=all allow=alaw
Combined Section
[aaisp-incoming-username] type=friend transport=udp disallow=all allow=alaw ; incoming context=aaisp-incoming-context secret=aaisp-incoming-password trustrpid=yes ; outgoing host=voiceless.aa.net.uk defaultip=81.187.30.111 username=aaisp-phone-number remotesecret=aaisp-outgoing-password